contact: implement honeypot instead of visible robot field
authorJason Woofenden <jason@jasonwoof.com>
Mon, 1 Jan 2018 03:49:30 +0000 (22:49 -0500)
committerJason Woofenden <jason@jasonwoof.com>
Tue, 2 Jan 2018 19:02:03 +0000 (14:02 -0500)
contact.html
contact.php
inc/wfpl

index 227a19c..95d1412 100644 (file)
                        <div class="field"><input type="text" name="name" value="~name attr~"></div>
 
                        <div class="caption">Email</div>
-                       <div class="field"><input type="email" name="email" value="~email attr~"></div>
-
-                       <div class="caption">Robot Barrier (Required)</div>
-                       <div class="field_notes">Enter (below) the number between ~robot_minus_one~ and ~robot_plus_one~</div>
-                       <div class="field"><input type="text" name="robot" value="~robot attr~"></div>
+                       <div class="field"><input type="hidden" name="fields" value="~robot_field attr~~email_field attr~"><input type="email" name="~robot_field attr~" value=""><input type="email" name="~email_field attr~" value="~email attr~"><script>document.write('<style>input[name="'+document.getElementsByName('fields')[0].value.substr(0, 16)+'"]{display:none}</style>')</script></div>
 
                        <div class="caption">Message</div>
                        <div class="field"><textarea style="box-sizing: border-box; width: 100%; height: 220px" name="comments">~comments html~</textarea></div>
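Review bot: The honeypot `<input type="email" name="~robot_field attr~" value="">` on the new line is hidden only by the inline script that writes a `display:none` rule, and nothing stops the browser from filling it: with JavaScript disabled the visitor sees two unlabelled email boxes, and form autofill or a password manager may populate the hidden one even when it is not rendered. Either case makes contact_main_form (in contact.php on this page) treat a real visitor as a robot and silently drop the message. Adding `autocomplete="off" tabindex="-1" aria-hidden="true"` to the honeypot input covers the autofill and keyboard-focus cases; the no-JS case would need a `<noscript>` hint next to the first box or a server-side fallback. The `substr(0, 16)` in the script also relies on both keys being exactly 16 characters, which contact.php's 32-character `fields` check appears to enforce.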
index 11d53b2..55077d9 100644 (file)
@@ -8,21 +8,39 @@
 $GLOBALS['contact_to'] = 'fixme@example.com';
 $GLOBALS['contact_from'] = 'noreply@example.com';
 $GLOBALS['contact_cc'] = '';
-$globals['contact_subject'] = '';
-$GLOBALS['contact_robot_answer'] = 1002;
+$GLOBALS['contact_subject'] = '';
 
 
 require_once(__DIR__.'/'.'inc/wfpl/format.php');
 require_once(__DIR__.'/'.'inc/wfpl/email.php');
 
+# generate a new random 16-character string
+function contact_new_field_key() {
+       $character_set = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+       $id = "                ";
+
+       # PHP 4.2.0 and up seed the random number generator for you.
+       # Lets hope that it seeds with something harder to guess than the clock.
+       for($i = 0; $i < 16; ++$i) {
+               $id{$i} = $character_set{mt_rand(0, 61)};
+       }
+
+       return $id;
+}
+
 function contact_get_fields() {
        $data = array();
 
+
        $data['name'] = format_oneline(_REQUEST_cut('name'));
-       $data['email'] = format_email(_REQUEST_cut('email'));
-       $data['robot'] = format_oneline(_REQUEST_cut('robot'));
        $data['comments'] = format_unix(_REQUEST_cut('comments'));
 
+       $fields = _REQUEST_cut('fields');
+       if (preg_match('/^[a-zA-Z0-9]{32}$/', $fields)) {
+               $data['robot'] = format_oneline(_REQUEST_cut(substr($fields, 0, 16)));
+               $data['email'] = format_email(_REQUEST_cut(substr($fields, 16)));
+       }
+
        return $data;
 }
 
@@ -32,22 +50,22 @@ function contact_main() {
 }
 
 function contact_main_form() {
-       $robot_correct = "" . $GLOBALS['contact_robot_answer'];
-       $robot_minus_one = "" . ($GLOBALS['contact_robot_answer'] - 1);
-       $robot_plus_one = "" . ($GLOBALS['contact_robot_answer'] + 1);
-       tem_set('robot_minus_one', $robot_minus_one);
-       tem_set('robot_plus_one', $robot_plus_one);
-
        if (isset($_POST['name'])) {
                $data = contact_get_fields();
                $host = this_host();
 
+               # gj robot, you did it ;)
+               if ($data['robot'] !== '') {
+                       return './contact_thanks';
+               }
+
                if (!$data['name'] && !$data['email'] && !$data['comments']) {
                        // message("you didn't fill anything out")
-               } elseif ($data['robot'] !== $robot_correct) {
-                       message("Please type $robot_correct into the Robot Barrier field");
+               } elseif (!$data['email']) {
+                       message("Error: Please fill out the email field.");
                } else {
-                       if ($GLOBALS['contact_to'] != 'fixme@example.com') {
+                       $error = false;
+                       if ($data['robot'] === '' && $GLOBALS['contact_to'] != 'fixme@example.com') {
                                $to = $GLOBALS['contact_to'];
                                if ($GLOBALS['contact_from'] === '') {
                                        $from = "$host/contact <noreply@$host>";
@@ -57,7 +75,7 @@ function contact_main_form() {
                                $reply_to = $to;
                                if (isset($data['email']) and valid_email($data['email'])) {
                                        $reply_to = $data['email'];
-                                       if ($data['name'] and ereg('^[a-zA-Z0-9_\' -]*$', $data['name']) !== false) {
+                                       if ($data['name'] and preg_match('/^[a-zA-Z0-9_\'. -]*$/', $data['name']) !== false) {
                                                $reply_to = "$data[name] <$reply_to>";
                                        }
                                }
@@ -95,5 +113,8 @@ function contact_main_form() {
                $data = array();
        }
 
+       $data['robot_field'] = contact_new_field_key();
+       $data['email_field'] = contact_new_field_key();
+
        tem_set('form', $data);
 }
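Review bot: The rewritten name check `preg_match('/^[a-zA-Z0-9_\'. -]*$/', $data['name']) !== false` in the third hunk no longer restricts anything: `ereg()` returned false on no match, but `preg_match()` returns 0, so the condition is true for every name and the Reply-To display name is built from whatever the submitter typed (only the newline stripping in format_oneline, if that is what it does, stands between the input and the header). The comparison should be `preg_match('/^[a-zA-Z0-9_\'. -]*$/', $data['name']) === 1`. Separately, contact_get_fields() leaves `$data['robot']` and `$data['email']` unset when `fields` fails the 32-character check, so `if ($data['robot'] !== '')` in contact_main_form reads an undefined index (a notice, and `null !== ''` silently routes the request to the robot path); an `else` branch that sets `$data['robot']` to a non-empty sentinel and `$data['email'] = ''` would make that outcome explicit, and the regex would be tighter with `\z` or the `D` modifier so a trailing newline in `fields` cannot pass. In contact_new_field_key(), the `$id{$i}` and `$character_set{...}` curly-brace offset syntax is deprecated in PHP 7.4 and removed in 8.0; `$id[$i]` and `$character_set[mt_rand(0, 61)]` are the equivalents, and the `$data['robot'] === ''` test on the `$error = false;` hunk is already guaranteed by the early return above it.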
index 5b22312..ebd28f9 160000 (submodule)
--- a/inc/wfpl
+++ b/inc/wfpl
@@ -1 +1 @@
-Subproject commit 5b223129ade45127f3945a354f8b2a56799f472c
+Subproject commit ebd28f9548c9723fab12e3cb725db9a3b1530992